Cyber Daily News January 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CISA Adds Five Enterprise Software Flaws to Known Exploited Vulnerabilities Catalog https://thecyberexpress.com/cisa-adds-enterprise-software-flaws-to-kev/ - 11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) https://securityaffairs.com/187255/security/11-year-old-critical-telnetd-flaw-found-in-gnu-inetutils-cve-2026-24061.html - Fortinet warns of active FortiCloud SSO bypass affecting updated devices https://securityaffairs.com/187250/security/fortinet-warns-of-active-forticloud-sso-bypass-affecting-updated-devices.html

Cyber Daily News January 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Under Armour ransomware breach: data of 72 million customers appears on the dark web https://www.malwarebytes.com/blog/news/2026/01/under-armour-ransomware-breach-data-of-72-million-customers-appears-on-the-dark-web - Phishing Kits Now Sync With Live Phone Scammers to Defeat Multifactor Authentication https://thecyberexpress.com/phishing-toolkits-to-defeat-mfa/ - GitLab Releases Critical Patch Updates to Address Multiple High-Severity Vulnerabilities https://thecyberexpress.com/gitlab-patch-release-security-vulnerabilities/ - Financial Firms Are Failing Basic Cybersecurity, Bank of England Finds https://thecyberexpress.com/financial-firm-cybersecurity-lacking-boe/ - Fortinet Admins Report Active Exploits on “Fixed” FortiOS 7.4.9 Firmware https://thecyberexpress.com/active-exploits-on-fixed-fortios-749-firmware/ - Critical SmarterMail vulnerability under attack, no CVE yet https://securityaffairs.com/187201/hacking/critical-smartermail-vulnerability-under-attack-no-cve-yet.html

Cyber Daily News January 14, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Microsoft Patch Tuesday January 2026: Actively Exploited Zero Day, 8 High-Risk Flaws https://thecyberexpress.com/patch-tuesday-january-2026-zero-day/ - MS-ISAC Flags High-Risk Security Flaws in Fortinet Products https://thecyberexpress.com/ms-isac-fortinet-vulnerabilities/ - Online shoppers at risk as Magecart skimming hits major payment networks https://www.malwarebytes.com/blog/news/2026/01/online-shoppers-at-risk-as-magecart-skimming-hits-major-payment-networks - New Android Banking Malware ‘DeVixor’ Adds Ransomware Capabilities https://thecyberexpress.com/android-banking-malware-devixor-ransomware/ - AZ Monica hospital in Belgium shuts down servers after cyberattack https://securityaffairs.com/186882/cyber-crime/az-monica-hospital-in-belgium-shuts-down-servers-after-cyberattack.html - Threat actor claims the theft of full customer data from Spanish energy firm Endesa https://securityaffairs.com/186861/cyber-crime/threat-actor-claims-the-theft-of-full-customer-data-from-spanish-energy-firm-endesa.html - Data broker fined after selling Alzheimer’s patient info and millions of sensitive profiles https://www.malwarebytes.com/blog/news/2026/01/data-broker-fined-after-selling-alzheimers-patient-info-and-millions-of-sensitive-profiles

Cyber Daily News January 13, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Spanish Energy Giant Endesa Notifies Customers of Data Breach Impacting Energía XXI https://thecyberexpress.com/endesa-data-breach/ - Attackers Targeting LLMs in Widespread Campaign https://thecyberexpress.com/attackers-targeting-llms-widespread-campaign/ - U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/186837/hacking/u-s-cisa-adds-a-flaw-in-gogs-to-its-known-exploited-vulnerabilities-catalog.html - Meta fixes Instagram password reset flaw, denies data breach https://securityaffairs.com/186829/security/meta-fixes-instagram-password-reset-flaw-denies-data-breach.html

Cyber Daily News January 12, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations https://securityaffairs.com/186801/apt/credential-harvesting-attacks-by-apt28-hit-turkish-european-and-central-asian-organizations.html - Canopy Health Confirms Cyberattack, Patients Not Notified for Six Months https://thecyberexpress.com/canopy-health-data-breach-six-month-delay/ - After EU Probe, U.S. Senators Push Apple and Google to Review Grok AI https://thecyberexpress.com/grok-ai-under-fire-target-apple-and-google/ - Kyowon Group Confirms Cyberattack as Multiple Systems Go Offline https://thecyberexpress.com/kyowon-group-cyberattack-update/ - 84 Hrs and Counting as Internet Blackout in Iran Continues Amid Nationwide Unrest https://thecyberexpress.com/internet-blackout-in-iran-continues/

Cyber Daily News January 11, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - A massive breach exposed data of 17.5M Instagram users https://securityaffairs.com/186765/data-breach/a-massive-breach-exposed-data-of-17-5m-instagram-users.html - North Korea–linked APT Kimsuky behind quishing attacks, FBI warns https://securityaffairs.com/186755/intelligence/north-korea-linked-apt-kimsuky-behind-quishing-attacks-fbi-warns.html

Cyber Daily News January 10, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - North Korean Kimsuky Threat Actors Use Malicious QR Codes to Target Foreign Policy Experts https://thecyberexpress.com/kimsuky-threat-actors-malicious-qr-codes/ - Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals https://securityaffairs.com/186745/data-breach/illinois-department-of-human-services-idhs-suffered-a-data-breach-that-impacted-700k-individuals.html - Trend Micro fixed a remote code execution in Apex Central https://securityaffairs.com/186733/hacking/trend-micro-fixed-a-remote-code-execution-in-apex-central.html

Cyber Daily News January 9, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Iran cuts Internet nationwide amid deadly protest crackdown https://securityaffairs.com/186718/intelligence/iran-cuts-internet-nationwide-amid-deadly-protest-crackdown.html - Chinese-speaking hackers exploited ESXi zero-days long before disclosure https://securityaffairs.com/186709/hacking/chinese-speaking-hackers-exploited-esxi-zero-days-long-before-disclosure.html - China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware https://securityaffairs.com/186698/security/china-linked-uat-7290-spies-on-telco-in-south-asia-and-europe-using-modular-malware.html - Astaroth banking Trojan spreads in Brazil via WhatsApp worm https://securityaffairs.com/186685/malware/astaroth-banking-trojan-spreads-in-brazil-via-whatsapp-worm.html - Global DNS Crash Triggers Reboot Loops Across Cisco Small Business Switches https://thecyberexpress.com/dns-crash-cisco-small-business-switches/ - CISA Warns of Attacks on PowerPoint and HPE Vulnerabilities https://thecyberexpress.com/cisa-warns-powerpoint-and-hpe-vulnerabilities/ - Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability https://securityaffairs.com/186682/security/public-poc-prompts-cisco-patch-for-ise-ise-pic-vulnerability.html

Cyber Daily News January 8, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - New n8n Vulnerability (CVE-2026-21858) Allows Unauthenticated File Access and RCE https://thecyberexpress.com/cve-2026-21858-n8n-webhook-vulnerability/ - Australian Insurer Prosura Confirms Cyber Incident, Takes Online Services Offline Amid Investigation https://thecyberexpress.com/prosura-cyberattack-explained/ - Infostealers and Lack of MFA Led to Dozens of Major Breaches https://thecyberexpress.com/infostealers-and-lack-of-mfa-led-to-breaches/ - U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/186672/security/u-s-cisa-adds-hpe-oneview-and-microsoft-office-powerpoint-flaws-to-its-known-exploited-vulnerabilities-catalog.html - China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns https://securityaffairs.com/186658/intelligence/china-linked-groups-intensify-attacks-on-taiwans-critical-infrastructure-nsb-warns.html

Cyber Daily News January 7, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers https://securityaffairs.com/186616/hacking/hackers-actively-exploit-critical-rce-flaw-in-legacy-d-link-dsl-routers.html - Unpatched TOTOLINK EX200 Flaw Enables Root-Level Telnet Access, CERT/CC Warns https://thecyberexpress.com/cve-2025-65606-totolink-ex200-firmware/ - Veeam resolves CVSS 9.0 RCE flaw and other security issues https://securityaffairs.com/186630/security/veeam-resolves-cvss-9-0-rce-flaw-and-other-security-issues.html - Google fixes critical Dolby Decoder bug in Android January update https://securityaffairs.com/186591/security/google-fixes-critical-dolby-decoder-bug-in-android-january-update.html - UK Unveils £210M Cyber Overhaul as Nation Faces “Critically High” Digital Threat https://thecyberexpress.com/uk-unveils-210m-cyber-action-plan/ - Phishing campaign abuses Google Cloud services to steal Microsoft 365 logins https://www.malwarebytes.com/blog/news/2026/01/phishing-campaign-abuses-google-cloud-services-to-steal-microsoft-365-logins - One million customers on alert as extortion group claims massive Brightspeed data haul https://www.malwarebytes.com/blog/news/2026/01/one-million-customers-on-alert-as-extortion-group-claims-massive-brightspeed-data-haul

Cyber Daily News January 6, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - European Commission Investigates Grok AI After Explicit Images of Minors Surface https://thecyberexpress.com/european-commission-investigates-grok-ai/ - Critical n8n Vulnerability Allows Arbitrary Command Execution (CVE-2025-68668) https://thecyberexpress.com/n8n-vulnerability-cve-2025-68668/ - Taiwan Reports 2.6 Million Chinese Cyberattacks Per Day in 2025 https://thecyberexpress.com/taiwan-chinese-cyberattacks-2025/ - Higham Lane School Cyberattack Disrupts IT Systems, Forcing Temporary Closure https://thecyberexpress.com/higham-lane-school-cyberattack/ - Crimson Collective Claims Breach of U.S. Fiber Broadband Provider Brightspeed https://thecyberexpress.com/crimson-collective-claims-brightspeed-breach/ - Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025 https://securityaffairs.com/186571/apt/russia-linked-apt-uac-0184-uses-viber-to-spy-on-ukrainian-military-in-2025.html - Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices https://securityaffairs.com/186559/malware/kimwolf-botnet-leverages-residential-proxies-to-hijack-2m-android-devices.html

Cyber Daily News January 5, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Critical IBM API Connect Vulnerability Enables Authentication Bypass https://thecyberexpress.com/ibm-api-connect-security-vulnerability/ - Sedgwick discloses data breach after TridentLocker ransomware attack https://securityaffairs.com/186525/data-breach/sedgwick-discloses-data-breach-after-tridentlocker-ransomware-attack.html - ManageMyHealth Provides Update on Ongoing Cyberattack Investigation https://thecyberexpress.com/managemyhealth-hack-explained/ - European Space Agency Confirms Cybersecurity Breach on External Servers https://thecyberexpress.com/european-space-agency-confirms-cyber-incident/ - Resecurity Caught ShinyHunters in Honeypot https://securityaffairs.com/186528/security/resecurity-caught-shinyhunters-in-honeypot.html - SlowMist Flags Potential Security Risk at HitBTC Exchange https://thecyberexpress.com/hitbtc-exchange-critical-security-warning/

Cyber Daily News January 22, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cisco fixed actively exploited Unified Communications zero day https://securityaffairs.com/187177/security/cisco-fixed-actively-exploited-unified-communications-zero-day.html - Critical Vulnerability in Advanced Custom Fields: Extended Plugin Puts 100,000 WordPress Sites at Risk https://thecyberexpress.com/acf-add-on-vulnerability-wordpress/ - Zoom fixed critical Node Multimedia Routers flaw https://securityaffairs.com/187165/security/zoom-fixed-critical-node-multimedia-routers-flaw.html - ACME flaw in Cloudflare allowed attackers to reach origin servers https://securityaffairs.com/187156/security/acme-flaw-in-cloudflare-allowed-attackers-to-reach-origin-servers.html - Malicious Google Calendar invites could expose private data https://www.malwarebytes.com/blog/news/2026/01/malicious-google-calendar-invites-could-expose-private-data - EU to Phase Out ‘High-risk’ Mobile and Telecom Network Products https://thecyberexpress.com/eu-high-risk-mobile-telecom-network-products/

Cyber Daily News January 4, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - French authorities investigate AI ‘undressing’ deepfakes on X https://securityaffairs.com/186460/ai/french-authorities-investigate-ai-undressing-deepfakes-on-x.html - President Trump blocks $2.9M Emcore chip sale over security concerns https://securityaffairs.com/186473/security/president-trump-blocks-2-9m-emcore-chip-sale-over-security-concerns.html

Cyber Daily News January 3, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Covenant Health data breach after ransomware attack impacted over 478,000 people https://securityaffairs.com/186439/data-breach/covenant-health-data-breach-after-ransomware-attack-impacted-over-478000-people.html - Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case https://securityaffairs.com/186446/cyber-crime/two-u-s-cybersecurity-professionals-plead-guilty-in-blackcat-alphv-ransomware-case.html - Thousands of ColdFusion exploit attempts spotted during Christmas holiday https://securityaffairs.com/186450/uncategorized/thousands-of-coldfusion-exploit-attempts-spotted-during-christmas-holiday.html

Cyber Daily News January 2, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - China’s New Cybersecurity Law Is Here — And It Changes Everything for Businesses https://thecyberexpress.com/china-cybersecurity-law-2026/ - IBM warns of critical API Connect bug enabling remote access https://securityaffairs.com/186417/security/ibm-warns-of-critical-api-connect-bug-enabling-remote-access.html - Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen https://securityaffairs.com/186398/hacking/trust-wallet-confirms-second-shai-hulud-supply-chain-attack-8-5m-in-crypto-stolen.html - React2Shell under attack: RondoDox Botnet spreads miners and malware https://securityaffairs.com/186386/uncategorized/react2shell-under-attack-rondodox-botnet-spreads-miners-and-malware.html - La Poste and La Banque Postale Hit by Cyberattack, Online Services Disrupted https://thecyberexpress.com/la-poste-la-banque-postale-cyberattack-2026/

Cyber Daily News January 1, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Shai-Hulud Supply Chain Attack Drained $8.5 Million from Trust Wallet Users https://thecyberexpress.com/shai-hulud-attack-trust-wallet/ - Singapore CSA warns of maximun severity SmarterMail RCE flaw https://securityaffairs.com/186353/security/singapore-csa-warns-of-maximun-severity-smartermail-rce-flaw.html

Cyber Daily News December 31, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Singapore CSA Warns of Critical SmarterMail Flaw Enabling Unauthenticated Remote Code Execution https://thecyberexpress.com/csa-alert-cve-2025-52691/ - MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs https://securityaffairs.com/186338/hacking/mongobleed-cve-2025-14847-the-us-china-and-the-eu-are-among-the-top-exploited-geos.html - Latest Oracle EBS Victims Include Korean Air, University of Phoenix https://thecyberexpress.com/oracle-ebs-victims-university-of-phoenix/ - Two Security Experts Plead Guilty in BlackCat Ransomware Case https://thecyberexpress.com/security-experts-blackcat-ransomware-case/

Cyber Daily News December 30, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Coupang Breach Suspect Tried to Hide Evidence by Throwing Laptop in River https://thecyberexpress.com/coupang-breach-suspect-threw-laptop-in-river/ - Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems https://securityaffairs.com/186308/malware/lithuanian-suspect-arrested-over-kmsauto-malware-that-infected-2-8m-systems.html - U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/186297/hacking/u-s-cisa-adds-a-flaw-in-mongodb-server-to-its-known-exploited-vulnerabilities-catalog.html - Romania’s Oltenia Energy Complex suffers major ransomware attack https://securityaffairs.com/186290/cyber-crime/romanias-oltenia-energy-complex-suffers-major-ransomware-attack.html

Cyber Daily News December 29, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Critical ‘MongoBleed’ Flaw Exploited in the Wild to Leak Database Secrets https://thecyberexpress.com/critical-mongobleed-flaw-exploited-in-the-wild/ - Shai-Hulud Returns with ‘Golden Path’ Malware in Latest NPM Supply Chain Attack https://thecyberexpress.com/shai-hulud-golden-path-malwar-npm-supply-chain/ - Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor https://securityaffairs.com/186213/apt/evasive-panda-cyberespionage-campaign-uses-dns-poisoning-to-install-mgbot-backdoor.html - Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk https://securityaffairs.com/186224/data-breach/conde-nast-faces-major-data-breach-2-3m-wired-records-leaked-40m-more-at-risk.html

Cyber Daily News December 28, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Stolen LastPass backups enable crypto theft through 2025 https://securityaffairs.com/186191/digital-id/stolen-lastpass-backups-enable-crypto-theft-through-2025.html - LangChain core vulnerability allows prompt injection and data exposure https://securityaffairs.com/186185/hacking/langchain-core-vulnerability-allows-prompt-injection-and-data-exposure.html

Cyber Daily News December 27, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Critical Net-SNMP Flaw CVE-2025-68615 Allows Remote Buffer Overflow and Service Crashes https://thecyberexpress.com/cve-2025-68615-critical-net-snmp-snmptrapd/ - Pro-Russian group Noname057 claims cyberattack on La Poste services https://securityaffairs.com/186157/hacktivism/pro-russian-group-noname057-claims-cyberattack-on-la-poste-services.html - Trust Wallet warns users to update Chrome extension after $7M security loss https://securityaffairs.com/186163/cyber-crime/trust-wallet-warns-users-to-update-chrome-extension-after-7m-security-loss.html - NPM package with 56,000 downloads compromises WhatsApp accounts https://securityaffairs.com/186174/malware/npm-package-with-56000-downloads-compromises-whatsapp-accounts.html

Cyber Daily News December 26, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited https://securityaffairs.com/186117/security/five-year-old-fortinet-fortios-ssl-vpn-flaw-actively-exploited.html

Cyber Daily News January 21, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cloudflare Zero-Day Let Attackers Bypass WAF via ACME Certificate Validation Path https://thecyberexpress.com/cloudflare-zero-day-waf-bypass-acme/ - When Language Becomes the Attack Surface: Inside the Google Gemini Calendar Exploit https://thecyberexpress.com/google-gemini-calendar-exploit/ - Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems https://securityaffairs.com/187110/hacking/critical-tp-link-vigi-camera-flaw-allowed-remote-takeover-of-surveillance-systems.html - Ransomware and Supply Chain Attacks Set Records in 2025 https://thecyberexpress.com/ransomware-and-supply-chain-attacks-set-record/ - NCSC Warns of Rising Russian-Aligned Hacktivist Attacks on UK Organisations https://thecyberexpress.com/russian-aligned-hacktivist-groups-active-in-uk/

Cyber Daily News December 25, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover https://securityaffairs.com/186107/security/high-severity-mongodb-flaw-cve-2025-14847-could-lead-to-server-takeover.html - FBI seized ‘web3adspanels.org’ hosting stolen logins https://securityaffairs.com/186094/cyber-crime/fbi-seized-web3adspanels-org-hosting-stolen-logins.html - U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns https://securityaffairs.com/186084/laws-and-regulations/u-s-federal-communications-commission-fcc-bans-foreign-made-drones-over-national-security-concerns.html

Cyber Daily News December 24, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - 59,000 Servers Breached: Operation PCPcat Targets React and Next.js at Internet Scale https://thecyberexpress.com/pcpcat-react-servers-nextjs-breach/ - U.S. Authorities Seize Domain Linked to $28 Million Bank Account Takeover Fraud https://thecyberexpress.com/bank-account-takeover-fraud/ - La Poste outage after a cyber attack disrupts digital banking and online services https://securityaffairs.com/186064/security/la-poste-outage-after-a-cyber-attack.html - Critical n8n flaw could enable arbitrary code execution https://securityaffairs.com/186036/hacking/critical-n8n-flaw-could-enable-arbitrary-code-execution.html - Indian Vehicle Owners Warned as Browser-Based e-Challan Phishing Gains Momentum https://thecyberexpress.com/rto-scam-browser-based-e-challan-phishing/ - Agencies Across Africa Arrest 574, Recover $3 Million in Cybercrime Crackdown https://thecyberexpress.com/africa-574-arrested-in-cybercrime-crackdown/

Cyber Daily News December 23, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Romanian Water Authority Hit by Ransomware; 1,000 Systems Across 10 Regions Compromised https://thecyberexpress.com/romanian-water-authority-ransomware-attack/ - U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/186021/security/u-s-cisa-adds-a-flaw-in-digiever-ds-2105-pro-to-its-known-exploited-vulnerabilities-catalog.html - La Poste Cyberattack Disrupts Postal and Banking Services in France Ahead of Christma https://thecyberexpress.com/la-poste-cyberattack/ - Kuaishou Cyberattack Disrupts Livestreaming, Triggers Sharp Stock Decline https://thecyberexpress.com/kuaishou-cyberattack/ - South Korea’s Shinhan Card Data Breach Affects 192,000 Merchants https://thecyberexpress.com/shinhan-card-data-breach/ - Japan Adopts New Cybersecurity Strategy to Counter Rising Cyber Threats https://thecyberexpress.com/japan-cybersecurity-strategy-five-year-plan/

Cyber Daily News December 22, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - New Flaw in Somalia’s E-Visa System Exposes Travelers’ Passport Data https://thecyberexpress.com/somalia-e-visa-security-flaw-data-exposure/ - Infy Returns: Iran-linked hacking group shows renewed activity https://securityaffairs.com/185987/security/infy-returns-iran-linked-hacking-group-shows-renewed-activity.html - University of Sydney discloses a data breach impacting 27,000 people https://securityaffairs.com/185947/breaking-news/university-of-sydney-discloses-a-data-breach-impacting-27000-people.html - Pornhub tells users to expect sextortion emails after data exposure https://www.malwarebytes.com/blog/news/2025/12/pornhub-tells-users-to-expect-sextortion-emails-after-data-exposure

Cyber Daily News December 21, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Massive Android botnet Kimwolf infects millions, strikes with DDoS https://securityaffairs.com/185921/malware/massive-android-botnet-kimwolf-infects-millions-strikes-with-ddos.html - ATM Jackpotting ring busted: 54 indicted by DoJ https://securityaffairs.com/185908/cyber-crime/atm-jackpotting-ring-busted-54-indicted-by-doj.html

Cyber Daily News December 20, 2025 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says https://securityaffairs.com/185885/hacking/russia-was-behind-a-destructive-cyber-attack-on-a-water-utility-in-2024-denmark-says.html - CL0P Ransomware Group Targets Gladinet CentreStack in New Campaign https://thecyberexpress.com/cl0p-ransomware-targets-gladinet-centrestack/ - U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/185896/hacking/u-s-cisa-adds-a-flaw-in-watchguard-fireware-os-to-its-known-exploited-vulnerabilities-catalog.html - Sophisticated Attack Campaign Exposes Loader Used by Multiple Threat Actors https://thecyberexpress.com/sophisticated-attack-campaign-loader/

Cyber Daily News December 19, 2025 Stories mentioned in today's briefing: - China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager https://securityaffairs.com/185861/apt/china-linked-apt-uat-9686-is-targeting-cisco-secure-email-gateway-and-secure-email-and-web-manager.html - Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw https://securityaffairs.com/185853/security/hewlett-packard-enterprise-hpe-fixed-maximum-severity-oneview-flaw.html - ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks https://securityaffairs.com/185867/security/asrock-asus-gigabyte-msi-boards-vulnerable-to-pre-boot-memory-attacks.html - CISA warns ASUS Live Update backdoor is still exploitable, seven years on https://www.malwarebytes.com/blog/news/2025/12/cisa-warns-asus-live-update-backdoor-is-still-exploitable-seven-years-on - Denmark Accuses Russia of Destructive Cyberattacks Amid Rising Hybrid Threats in Europe https://thecyberexpress.com/russia-denmark-cyberattack2025/ - University of Sydney Cyberattack Exposes Decades of Staff and Student Data https://thecyberexpress.com/university-of-sydney-cyberattack-data-breach/ - CLOP targets Gladinet CentreStack servers in large-scale extortion campaign https://securityaffairs.com/185875/cyber-crime/clop-targets-gladinet-centrestack-servers-in-large-scale-extortion-campaign.html - France Alleges ‘Foreign Interference’ After RAT Malware Found on Ferry https://thecyberexpress.com/france-ferry-malware/

Cyber Daily News December 18, 2025 Stories mentioned in today's briefing: - FBI Seizes E-Note Crypto Exchange Linked to Ransomware Money Laundering https://thecyberexpress.com/e-note-crypto-exchange-seized/ - Cisco Warns of Active Cyberattack Exploiting Critical AsyncOS Vulnerability https://thecyberexpress.com/cisco-cve-2025-20393-secure-email-cyberattack/ - Askul Restarts Logistics as Ransomware Attack Exposes 740,000 Records https://thecyberexpress.com/askul-cyberattack-logistics-resume/ - Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw https://securityaffairs.com/185853/security/hewlett-packard-enterprise-hpe-fixed-maximum-severity-oneview-flaw.html - GhostPairing campaign abuses WhatsApp device linking to hijack accounts https://securityaffairs.com/185814/hacking/ghostpairing-campaign-abuses-whatsapp-device-linking-to-hijack-accounts.html - France Alleges ‘Foreign Interference’ After RAT Malware Found on Ferry https://thecyberexpress.com/france-ferry-malware/

Cyber Daily News January 20, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - UK NCSC warns of Russia-linked hacktivists DDoS attacks https://securityaffairs.com/187095/hacktivism/uk-ncsc-warns-of-russia-linked-hacktivists-ddos-attacks.html - Ransomware attack on Ingram Micro impacts 42,000 individuals https://securityaffairs.com/187083/data-breach/ransomware-attack-on-ingram-micro-impacts-42000-individuals.html - Google will pay $8.25m to settle child data-tracking allegations https://www.malwarebytes.com/blog/news/2026/01/google-will-pay-8-25m-to-settle-child-data-tracking-allegations - Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions https://securityaffairs.com/187102/cyber-crime/telegram-based-illicit-billionaire-marketplace-tudou-guarantee-stopped-transactions.html

Cyber Daily News January 19, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - EU and INTERPOL Hunt Black Basta Ransomware Kingpin, Suspects Identified in Ukraine https://thecyberexpress.com/black-basta-ransomware-eu-most-wanted-interpol/ - Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems https://securityaffairs.com/187048/security/hacker-pleads-guilty-to-hacking-supreme-court-americorps-and-va-systems.html - Hacktivists hijacked Iran ’s state TV to air anti-regime messages and an appeal to protest from Reza Pahlavi https://securityaffairs.com/187055/hacktivism/hacktivists-hijacked-iran-state-tv-to-broadcast-anti-regime-messages-and-reza-pahlavis-protest-appeal.html - GootLoader uses malformed ZIP files to bypass security controls https://securityaffairs.com/187037/cyber-crime/gootloader-uses-malformed-zip-files-to-bypass-security-controls.html - The Year Ransomware Went Fully Decentralized: Cyble’s 2025 Threat Analysis https://thecyberexpress.com/cyble-2025-threat-landscape-ransomware-report/

Cyber Daily News January 18, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Ukraine–Germany operation targets Black Basta, Russian leader wanted https://securityaffairs.com/187008/cyber-crime/ukraine-germany-operation-targets-black-basta-russian-leader-wanted.html - China-linked APT UAT-8837 targets North American critical infrastructure https://securityaffairs.com/186999/breaking-news/china-linked-apt-uat-8837-targets-north-american-critical-infrastructure.html

Cyber Daily News January 17, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - China-linked APT UAT-8837 targets North American critical infrastructure https://securityaffairs.com/186999/breaking-news/china-linked-apt-uat-8837-targets-north-american-critical-infrastructure.html

Cyber Daily News January 16, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Cyberattack Hits Poland’s Power System, But Blackout Prevented https://thecyberexpress.com/poland-cyberattack-energy-grid-blackout/ - China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug https://securityaffairs.com/186985/apt/china-linked-apt-uat-9686-abused-now-patched-maximum-severity-asyncos-bug.html - Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover https://securityaffairs.com/186976/security/actively-exploited-critical-flaw-in-modular-ds-wordpress-plugin-enables-admin-takeover.html - “Reprompt” attack lets attackers steal data from Microsoft Copilot https://www.malwarebytes.com/blog/news/2026/01/reprompt-attack-lets-attackers-steal-data-from-microsoft-copilot - Grok Image Abuse Prompts X to Roll Out New Safety Limits https://thecyberexpress.com/x-tightens-grok-ai-controls/

Cyber Daily News January 15, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Microsoft Crushes Cybercrime Subscription Service Behind $40 Million Fraud Spree https://thecyberexpress.com/redvds-service-dismantled/ - Fortinet fixed two critical flaws in FortiFone and FortiSIEM https://securityaffairs.com/186902/security/fortinet-fixed-two-critical-flaws-in-fortifone-and-fortisiem.html - CERT-UA reports PLUGGYAPE cyberattacks on defense forces https://securityaffairs.com/186910/intelligence/cert-ua-reports-pluggyape-cyberattacks-on-defense-forces.html - China bans U.S. and Israeli cybersecurity software over security concerns https://securityaffairs.com/186920/intelligence/china-bans-u-s-and-israeli-cybersecurity-software-over-security-concerns.html - Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers https://securityaffairs.com/186918/cyber-crime/lumen-disrupts-aisuru-and-kimwolf-botnet-by-blocking-over-550-c2-servers.html

Cyber Daily News January 25, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Osiris ransomware emerges, leveraging BYOVD technique to kill security tools https://securityaffairs.com/187279/security/osiris-ransomware-emerges-leveraging-byovd-technique-to-kill-security-tools.html

Cyber Daily News January 26, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid https://securityaffairs.com/187309/breaking-news/russia-linked-sandworm-apt-implicated-in-major-cyber-attack-on-polands-power-grid.html - Nike is investigating a possible data breach, after WorldLeaks claims https://securityaffairs.com/187303/data-breach/nike-is-investigating-a-possible-data-breach-after-worldleaks-claims.html

Cyber Daily News January 27, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CISA Flags Actively Exploited VMware vCenter RCE Flaw in KEV Catalog https://thecyberexpress.com/vmware-vcenter-cve-2024-37079-exploited/ - Microsoft Releases Emergency Fix for Exploited Office Zero-Day https://thecyberexpress.com/microsoft-emergency-fix-for-office-zero-day/ - European Commission Launches Fresh DSA Investigation Into X Over Grok AI Risks https://thecyberexpress.com/grok-ai-faces-eu-investigation-under-dsa/ - ShinyHunters, CL0P Return with New Claimed Victims https://thecyberexpress.com/shinyhunters-cl0p-return-with-new-victims/ - Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint https://securityaffairs.com/187332/cyber-crime/energy-sector-targeted-in-multi-stage-phishing-and-bec-campaign-using-sharepoint.html

Cyber Daily News January 28, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Hackers Exploit React2Shell Vulnerability to Deploy Miners and Botnets Worldwide https://thecyberexpress.com/cve-2025-55182-react2shell-active-exploitation/ - US Charges 87 in Major ATM Jackpotting Scheme Linked to Tren de Aragua https://thecyberexpress.com/atm-jackpotting-scheme/ - A WhatsApp bug lets malicious media files spread through group chats https://www.malwarebytes.com/blog/news/2026/01/a-whatsapp-bug-lets-malicious-media-files-spread-through-group-chats - Major Cyberattack Cripples Russia’s Alarm and Vehicle Security Provider Delta https://thecyberexpress.com/cyberattack-on-delta/ - Watch out for AT&T rewards phishing text that wants your personal details https://www.malwarebytes.com/blog/threat-intel/2026/01/watch-out-for-att-rewards-phishing-text-that-wants-your-personal-details

Cyber Daily News January 29, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Google Dismantles Massive Proxy Network That Hid Espionage, Cybercrime for Nation-State Actors https://thecyberexpress.com/google-dismantles-massive-proxy-network/ - OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution https://securityaffairs.com/187445/security/openssl-issued-security-updates-to-fix-12-flaws-including-remote-code-execution.html - Malicious Open Source Software Packages Neared 500,000 in 2025 https://thecyberexpress.com/malicious-open-source-software-packages/ - Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858) https://securityaffairs.com/187426/security/fortinet-patches-actively-exploited-fortios-sso-auth-bypass-cve-2026-24858.html - Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks https://thecyberexpress.com/bumble-panera-crunchbase-match-cyberattacks/

Cyber Daily News February 14, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release https://securityaffairs.com/187962/uncategorized/attackers-exploit-beyondtrust-cve-2026-1731-within-hours-of-poc-release.html - New threat actor UAT-9921 deploys VoidLink against enterprise sectors https://securityaffairs.com/187969/ai/new-threat-actor-uat-9921-deploys-voidlink-against-enterprise-sectors.html

Cyber Daily News February 13, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Apple patches zero-day flaw that could let attackers take control of devices https://www.malwarebytes.com/blog/news/2026/02/apple-patches-zero-day-flaw-that-could-let-attackers-take-control-of-devices - 8,000+ ChatGPT API Keys Left Publicly Accessible https://thecyberexpress.com/exposed-chatgpt-api-keys-github-websites/ - Odido confirms massive breach; 6.2 Million customers impacted https://securityaffairs.com/187927/uncategorized/odido-confirms-massive-breach-6-2-million-customers-impacted.html - ApolloMD data breach impacts 626,540 people https://securityaffairs.com/187921/data-breach/apollomd-data-breach-impacts-626540-people.html - U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/187937/security/u-s-cisa-adds-solarwinds-web-help-desk-notepad-microsoft-configuration-manager-and-apple-devices-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks https://thecyberexpress.com/gtig-ai-threat-tracker/ - Outlook add-in goes rogue and steals 4,000 credentials and payment data https://www.malwarebytes.com/blog/news/2026/02/outlook-add-in-goes-rogue-and-steals-4000-credentials-and-payment-data

Cyber Daily News February 4, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - French Police Raid X Offices as Grok Investigations Grow https://thecyberexpress.com/french-police-raid-x-grok-investigations/ - Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure https://securityaffairs.com/187587/hacking/hackers-abused-react-native-cli-flaw-to-deploy-rust-malware-before-public-disclosure.html - APT28 exploits Microsoft Office flaw in Operation Neusploit https://securityaffairs.com/187581/apt/apt28-exploits-microsoft-office-flaw-in-operation-neusploit.html - U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/187592/security/u-s-cisa-adds-solarwinds-web-help-desk-sangoma-freepbx-and-gitlab-flaws-to-its-known-exploited-vulnerabilities-catalog.html - Spain Ban Social Media Platforms for Kids as Global Trend Grows https://thecyberexpress.com/spain-ban-social-media-platforms-kids/ - An AI plush toy exposed thousands of private chats with children https://www.malwarebytes.com/blog/news/2026/02/an-ai-plush-toy-exposed-thousands-of-private-chats-with-children

Cyber Daily News February 3, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Critical vLLM Flaw Exposes Millions of AI Servers to Remote Code Execution https://thecyberexpress.com/cve-2026-22778-vllm-rce-malicious-video-link/ - IPIDEA Proxy Network Dismantled: Global Cybercrime and Botnet Risks Exposed https://thecyberexpress.com/ipidea-proxy-residential-network-disruption/ - Russian APT28 Exploit Zero-Day Hours After Microsoft Discloses Office Vulnerability https://thecyberexpress.com/russian-apt28-exploit-zero-day-cve-2026-21509/ - MoltBot Skills exploited to distribute 400+ malware packages in days https://securityaffairs.com/187562/malware/moltbot-skills-exploited-to-distribute-400-malware-packages-in-days.html - Hackers exploit unsecured MongoDB instances to wipe data and demand ransom https://securityaffairs.com/187548/security/hackers-exploit-unsecured-mongodb-instances-to-wipe-data-and-demand-ransom.html - Panera Bread breach affected 5.1 Million accounts, HIBP Confirms https://securityaffairs.com/187556/data-breach/panera-bread-breach-affected-5-1-million-accounts-hibp-confirms.html

Cyber Daily News February 2, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CrossCurve Bridge Hacked for $3M After Smart Contract Validation Vulnerability Exploited https://thecyberexpress.com/crosscurve-bridge-3m-cyberattack/ - U.S. and Bulgaria Shut Down Three Major Piracy Websites in EU Crackdown https://thecyberexpress.com/online-piracy-sites-seized-bulgarian-crackdown/

Cyber Daily News February 1, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - DOJ releases details alleged talented hacker working for Jeffrey Epstein https://securityaffairs.com/187515/laws-and-regulations/doj-releases-details-alleged-talented-hacker-working-for-jeffrey-epstein.html

Cyber Daily News January 31, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Match, Hinge, OkCupid, and Panera Bread breached by ransomware group https://www.malwarebytes.com/blog/news/2026/01/match-hinge-okcupid-and-panera-bread-breached-by-ransomware-group - Default Credentials, Vulnerable Devices Exploited in Polish Energy Grid Attack https://thecyberexpress.com/default-credentials-polish-energy-grid-attack/ - The Cyber Express Weekly Roundup: Threats, Regulations, and Digital Security Trends https://thecyberexpress.com/the-cyber-express-weekly-roundup-january-2026/ - SmarterTools patches critical SmarterMail flaw allowing code execution https://securityaffairs.com/187496/security/smartertools-patches-critical-smartermail-flaw-allowing-code-execution.html